Enhancing privacy in cellular paging system using physical layer identification

ABSTRACT

A method for negating location privacy attacks in cellular networks involves signal processing techniques at the physical identification layer. In particular the methodology involves embedding user's unique tags onto the downlink paging signal waveforms so that the tags are stealthy and robust. The scheme not only improves users' privacy but also saves system bandwidth.

CROSS-REFERENCES TO RELATED APPLICATIONS

This application claims the benefit of the U.S. provisional patent application No. 61/782,904 filed on Mar. 14, 2013, which is incorporated herein by reference in its entirety.

GOVERNMENT SUPPORT

The subject matter disclosed herein was made with government funding and support under W911NF0710287 awarded by the ARO, FA95501010573 awarded by AFOSR, and HR001110300002 awarded by DARPA. The government has certain rights in this invention.

FIELD OF TECHNOLOGY

The exemplary embodiments of the subject matter described herein relate to wireless communication, and in particular to a method of ensuring location privacy for a user's equipment, from an eavesdropper, that is being paged by a serving base station to enable wireless communication.

BACKGROUND

In cellular networks, mobile stations (MS) are usually battery powered. To prolong the operational time of the MSs, the network architecture allows them to go into idle mode after being inactive for a certain period of time. In idle mode, the MSs do not sustain a connection with the serving base stations (BS). When there is a need to create a connection with an idle MS, e.g. voice calls, data, or system information updates, the BS sends out a notification to the MS in the form of a paging message. The location of an idle MS may have changed since the last time it was in communication. Therefore, the network maintains a tracking area for each idle MS.

A tracking area consists of several cells and the MS has to report if it moves out of the assigned tracking area. In general, paging messages are sent without any confidentiality protection, so that anyone can listen to those messages. The privacy of those being paged is provided through the use of temporary IDs. Those are IDs which only have meaning in the context of the idle MS and the serving network within the tracking area.

Recently, D. F. Kune et al. in “Location Leaks over the GSM air interface,” Proceedings 19th Annual Network and Distributed System Security Symposium (2012), showed that despite the use of temporary IDs, the location of a user's cellphone in a GSM network can still be leaked. In particular, it was shown that an attacker can check if a user's cellphone is within a small area, or absent from a large area, without the user's awareness. Such vulnerability can lead to serious consequences. For example, in an oppressive regime, locations of dissidents can be revealed to suppressive agents without cooperation from reluctant service providers. Another example is that a thief, who attempts a break-in, can use the knowledge of the absence of the target to reduce the threat of encounter.

To perform this location attack, the attacker requires two capabilities: cause paging request messages to appear on the GSM Paging Control Channel (PCCH); and listen on the GSM PCCH broadcast channel.

In GSM networks, paging messages are sent on dedicated time-division channels. The Temporary Mobile Subscriber Identity (TMSI) is used for paging messages. The idea behind the location attack is that the adversary initiates a connection request to the user cellphone (this of course assumes that he knows the target's number), which results in a paging message being sent in the user's tracking area. By observing the paging channel, the adversary obtains a set of possible temporary IDs for the target user. Repeating this procedure several times, the adversary collects several sets of possible temporary IDs, from which he can do a set intersection analysis to get the temporary ID associated with the user's cellphone.

Practical experiments on T-Mobile and AT&T GSM networks show that after 2 or 3 repetitions, the adversary can pinpoint the temporary ID of a user's cellphone. To keep the user unaware of the attack, the connection request to his cellphone has to be terminated before a connection is established, but after the paging message is sent out. In the above referenced paper, the authors, through experiments, show that by calling the target's number and hanging up within 5 seconds, a paging message would be sent out, but the user's phone would not ring. Another way of achieving this goal is to send “silent SMS”, a controversial method used by German and French police to track people.

SUMMARY

After reviewing the paging architecture in LTE networks the applicants were able to prove that a similar location privacy attack is possible in LTE networks. To solve this problem in LTE networks, applicants propose a solution using physical layer identification tags, as described in the exemplary embodiments that follow. Most security measures operate on the bit level and above. Applicants have gone further down, to the physical level of electromagnetic transmissions. Applicants' proposed methodology for solving this problem in LTE networks does not rely on cryptographic primitives.

Overcoming the location privacy attacks in GSM networks, as described above, required either additional control signaling (sending paging messages out to several tracking areas, changing TMSI more frequently) or introducing delay in response to users' requests. Applicants' solution for LTE networks requires neither of these measures. In fact, it requires less signaling than the current standard. However, it does require additional signal processing steps and therefore needs to be incrementally deployed.

It should be emphasized, however, that even though the additional signal processing is not in the standard, it is not computationally expensive. Therefore the effect on power consumption of the UEs is minimal.

Applicants' technique is inspired by the physical layer authentication scheme used for authenticating communications between sender and receivers of wireless communications, as described in U.S. Pat. No. 9,161,214, issued on Oct. 13, 2015, and incorporated herein by reference. In particular, the referenced published application describes a stealthy authentication technique in which the authenticating entity's credential is embedded as a watermark in the transmitted physical waveform. The authenticator detects the presence of the tag in the received waveform, and decides whether the waveform was transmitted by the legitimate transmitter or not.

Applicants have modified and extended this technique to the LTE network paging system by assigning to each user's equipment (UE) a unique tag. These tags are superimposed onto the paging transmitted waveform if the corresponding UEs are paged. The tags are transmitted with very low power such that they can only be detected, and not decoded. By detecting the presence of its tag, a UE learns that it is paged. Because of the stealth property of the tags, an eavesdropper observing the paging waveform learns nothing about who is being paged.

BRIEF DESCRIPTION OF THE DRAWINGS

These and further aspects of the exemplary illustrative non-limiting implementations will be better understood in light of the following detailed description of illustrative exemplary non-limiting implementations in conjunction with the drawings, of which:

FIG. 1 illustrates an example of paging PDCCH and PDSCH in an LTE downlink subframe;

FIG. 2A depicts a scenario with one old UE and one new UE being paged at the same subframe;

FIG. 2B shows PDCCH and PDSCH messages;

FIG. 3A is a flow chart for eNodeB;

FIG. 3B is a flow chart for User Equipment;

FIG. 4A shows DCI decoding performance as a function of SNR wherein the DCI size is 44 bits and the PDCCH size is 144 bits;

FIG. 4B shows DCI decoding performance as a function of SNR wherein the DCI size is 44 bits and the PDCCH size is 288 bits;

FIG. 5 shows the effect of tag power on PDCCH BER for various values of tag power allocation where the PDCCH size is 288 bits, 16 tags are embedded;

FIG. 6A shows the probability of tag detection for PDCCH size of 144 bits;

FIG. 6B shows the probability of tag detection for PDCCH size of 288 bits; and

FIG. 7 depicts an eavesdropper's received constellation at SNR=20 dB, $N_t=4$.

DETAILED DESCRIPTION

Privacy-Enhanced Paging Messages

Applicants analyzed some technical specifications of LTE which establish that the location attacks in GSM networks can also occur in LTE networks. The details of the analysis will be used in creating the solution to the problem as described below.

Control Signaling:

In contrast to the GSM architecture, in LTE there is no dedicated resource for paging. Instead, the paging messages are delivered in the same frequency band as normal data; and the existence of such paging messages in each subframe (1 ms) is indicated in the control channel. In normal operation mode, at the beginning of each LTE downlink subframe, there are up to 4 (out of 14) OFDM symbols used to transmit control data. These Downlink Control Information (DCI) messages carry resource allocation information, Hybrid-ARQ, system information and paging indicator among others. Each control message is encapsulated in a Physical Downlink Control Channel (PDCCH) message. The DCI can be targeted to a specific user equipment (UE), or a group of UEs as in the case of a paging indicator. If the DCI is for a specific UE, the 16-bit CRC generated for that DCI will be XORed with the last 16 bits of the temporary ID of the targeted UE (e.g., Cell Radio Network Temporary Identifier C-RNTI). If the DCI is for a group of UEs, its CRC will be masked with one of the predefined IDs for group control information. The paging indicator ID, P-RNTI, is FFFE (in hexadecimal).

UE Decoding:

The UEs do not know a priori which PDCCH in the control region of a subframe is intended for them. Therefore they perform blind decoding, in which they try all possible sizes of PDCCH. The list of such allowable sizes can be found in 3GPP TS 36.331: Evolved Universal Terrestrial Radio Access (E-UTRA); Physical layer procedures (version 10.4.0) (2011). If after unmasking the CRC of a possible PDCCH message with either a common ID or the UE's temporary ID, the CRC check returns true, then the UE knows that it has successfully decoded a valid PDCCH message. To reduce the number of PDCCH the UEs have to try to decode, each UE is given a search space. The search space is all possible starting positions of a PDCCH. There are UE-specific search spaces and common search spaces. The latter are locations which all UEs have to try decoding from. Group control information, including the paging indicator, is sent on the common search space. Due to the requirement that broadcast control information has to reach users with poor channel conditions, group PDCCH have bigger sizes than other PDCCH, which allows for lower code rates to be used. Two allowable sizes for these PDCCH are 72 and 144 resource elements. A resource element is the smallest resource unit in LTE, consisting of 1 subcarrier in 1 OFDM symbol. All control information is modulated with QPSK, therefore the paging PDCCH can have either 144 or 288 bits.

The DCI format for the paging indicator is either 1A or 1C. Depending on the system bandwidth (1.4-20 MHz), DCI formats 1A and 1C can have 36-44 and 24-31 bits, respectively. This DCI has the location of the paging record in the data portion of the subframe. The UE decodes that location in the Physical Downlink Shared Channel (PDSCH) to get the record. The paging record contains a list of IDs of UEs being paged, which can be either System Architecture Evolution TMSI (S-TMSI) or International Mobile Subscriber Identity (IMSI). In normal cases, the temporary ID S-TMSI is used instead of the permanent ID IMSI. If the UE sees its ID in the list, it knows that it is paged. FIG. 1 illustrates an example of paging PDCCH and PDSCH positions in an LTE downlink subframe (pilots and other types of physical channels are omitted for clarity).
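The CRC masking and blind decoding described above, as an added Python example (not part of the original text). It shows why the paging indicator carries no confidentiality: its mask is the public constant P-RNTI, so the CRC check passes for every receiver, while a DCI masked with a UE's own ID passes only for that UE. The CRC-16 polynomial is the LTE generator $D^{16}+D^{12}+D^{5}+1$; channel coding and rate matching are left out, and the DCI payloads and the IDs `UE_A`, `UE_B` and `BYSTANDER` are constructed values.

```python
P_RNTI = 0xFFFE      # paging indicator ID stated on the page
CRC16_POLY = 0x1021  # D^16 + D^12 + D^5 + 1, the LTE 16-bit CRC generator


def crc16(bits):
    """Bit-serial CRC-16 with zero initial state, most significant bit first."""
    reg = 0
    for bit in bits:
        feedback = ((reg >> 15) & 1) ^ bit
        reg = (reg << 1) & 0xFFFF
        if feedback:
            reg ^= CRC16_POLY
    return reg


def attach_masked_crc(dci_bits, rnti):
    """Append the CRC of the DCI, XORed with a 16-bit ID, to the DCI bits."""
    masked = crc16(dci_bits) ^ rnti
    return list(dci_bits) + [(masked >> (15 - i)) & 1 for i in range(16)]


def crc_passes(candidate, rnti):
    """Unmask the trailing 16 bits with `rnti` and compare with the payload CRC."""
    payload, tail = candidate[:-16], candidate[-16:]
    received = 0
    for bit in tail:
        received = (received << 1) | bit
    return (received ^ rnti) == crc16(payload)


def blind_decode(candidates, own_rnti):
    """Try the common paging ID, then the receiver's own ID, on each candidate."""
    found = []
    for index, candidate in enumerate(candidates):
        if crc_passes(candidate, P_RNTI):
            found.append((index, "paging"))
        elif crc_passes(candidate, own_rnti):
            found.append((index, "dedicated"))
    return found


def to_bits(value, width):
    """Integer to a list of bits, most significant bit first."""
    return [(value >> (width - 1 - i)) & 1 for i in range(width)]


# Constructed sample: three 44-bit DCIs as they would look after decoding.
UE_A, UE_B, BYSTANDER = 0x003D, 0x1A2B, 0x7777
CONTROL_REGION = [
    attach_masked_crc(to_bits(0x5A5A5A5A5A5, 44), P_RNTI),  # paging indicator
    attach_masked_crc(to_bits(0x0F0F0F0F0F0, 44), UE_A),    # dedicated to UE A
    attach_masked_crc(to_bits(0x123456789AB, 44), UE_B),    # dedicated to UE B
]

if __name__ == "__main__":
    for name, rnti in (("UE A", UE_A), ("UE B", UE_B), ("bystander", BYSTANDER)):
        print(name, blind_decode(CONTROL_REGION, rnti))
```
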

Attacker Model:

Applicants used an analogous attacker model to that described above with respect to GSM networks. The only difference is that Applicants' attacker is capable of causing paging request messages in LTE networks and can listen on LTE paging channels. While the first capability of the attacker remains the same as in the above referenced paper, the above procedure serves to justify the practicality of the second capability. The attacker can listen on the control channel, and unmask PDCCH with P-RNTI. Once the attacker decodes a paging indicator, he can go to the specified location in PDSCH to obtain the list of paged IDs. In the D. F. Kune et al. paper an open source GSM baseband software implementation is used to read the TMSI of paged MSs. While an equivalent open source software for LTE baseband is not available at this moment, it is reasonable to expect that one will be developed in the future. Applicants concluded that the same location attack is feasible in LTE, and security measures should be taken proactively.

To combat the vulnerability in the LTE paging system described above, it is proposed to use a UE's temporary ID as an input to create a tag unique to that UE. If a UE is paged during a subframe, its tag is embedded onto the paging PDCCH. Preferably, tags from two different UEs are uncorrelated. Here “embed” means that the tag is superimposed onto the PDCCH QPSK symbols. To be backward compatible with older user equipment, the content of the paging indicator is left unchanged. A simple scenario where one old UE (Alice) and one new UE (Bob) are paged in the same subframe is illustrated in FIG. 2A, and FIG. 2B shows PDCCH and PDSCH paging messages.

If the tag embedding does not cause too much degradation to the PDCCH signal quality, “Alice” is still able to decode the control information and follow the standard procedure to see if she is paged. “Bob” however can determine if he is paged just by detecting the presence of his unique tag in the PDCCH. Therefore “Bob” does not need to decode the PDSCH, which saves battery considering that most UEs which expect paging messages are in idle mode. Listening on the paging channel, “Eve” can obtain “Alice's” temporary ID, but she cannot get “Bob's” tag. As will be shown later, “Bob's” tag is transmitted with very low power so that nobody (including “Bob”) can decode it. “Bob” however can detect the presence of his tag in the paging PDCCH. Another benefit of this scheme comes in the form of downlink data bandwidth increase. Since “Bob's” ID is no longer needed to be transmitted in PDSCH, that bandwidth can be used for data transmission. The new UE capability as well as paging mechanism can be negotiated with the base station (eNodeB in LTE terms) at connection establishment.

An illustrative exemplary embodiment of the operations at the eNodeB and UE in an LTE communication system are shown, respectively, in FIGS. 3A and 3B. For the eNodeB, shown in FIG. 3A, in S30 a paging DCI (downlink control information) is generated (which includes the location of paging records for backward compatible mobile devices in PDSCH). S32 generates CRC (cyclic redundancy check) for the paging DCI, and masks this CRC with the P-RNTI (Paging-Radio Network Temporary Identifier) (0xFFFE). S34 convolutionally encodes the concatenation of the paging DCI and the masked CRC to provide forward error correction.

In S36 rate matching is performed to achieve the desired code rate, and S38 modulates coded bits into QPSK symbols $s$. In S40 the tag embedding operation occurs: for all paged UEs $i=1,\ldots,N_t$: generates the $i$-th paged UE's tag (in QPSK symbols), $t_i$, from its temporary ID, $k_i$, using generator function $g(\cdot)$; generates the PDCCH QPSK symbols by superimposing $s$ and $t_i$ ($i=1,\ldots,N_t$), with appropriate tag power controlled by system parameters $\rho_s$, $\rho_t$:

$x = {{\rho_{s}s} + {\frac{\rho_{t}}{\sqrt{N_{t}}}{\sum\limits_{i = 1}^{N_{t}}\; t_{i}}}}$

In S42 standard LTE procedures are followed to transmit the PDCCH QPSK symbols, including the embedded tag.

For the UE, shown in FIG. 3B, in S44 standard LTE procedure is followed to receive a noisy version of downlink control QPSK symbols, $\hat{x}$, and in S46 the QPSK symbols are demodulated into bits. In S48 and S50 rate de-matching and Viterbi decoding are performed to generate a candidate bit stream that may contain the paging DCI.

In S52 unmasking and CRC check is performed: for all possible PDCCH locations in the bit stream the operation unmasks (exclusive OR) CRC with P-RNTI then performs the CRC check. If the CRC check fails for all possible PDCCH locations, the standard LTE not-paged procedure is followed. If the CRC check succeeds, the UE obtains paging DCI $\hat{b}$ and the process proceeds to S54.

In S54 the UE generates PDCCH symbols from the obtained paging DCI following a similar procedure as that of eNodeB, $\hat{s}=f_e(\hat{b})$. The following operations then occur:

calculate the residue

$r = {\frac{1}{\rho_{t}}\left( {\hat{x} - {\rho_{s}\hat{s}}} \right)}$

using its tag $t$, calculate the test statistic $\tau = t^{H}r$

perform hypothesis testing on $\tau$ to determine whether $t$ was embedded in $x$.

If the answer to the hypothesis testing is no then the standard LTE not-paged procedure is followed. If the answer is yes, then the standard LTE paged procedure is followed.

The above described operational details for LTE eNodeB and UE are set forth in greater detail below. As will be readily understood by those skilled in the art, the illustrative exemplary embodiments described herein with respect to LTE communication networks are not meant to be limiting, and the general principles of the disclosed subject matter are also applicable for other communication networks.

To maximize the robustness of the tags, Applicants chose to put a tag symbol on every paging indicator PDCCH symbol. Applicants used QPSK to modulate the tags. With this configuration, the tags have the same length as the paging indicator PDCCH, which is either 144 or 288 bits. During a subframe, multiple tags can be superimposed on the same PDCCH, corresponding to multiple UEs being paged at the same time. In the LTE standard, the maximum size of the paging record is 16. In other words, the 3GPP standard leaves room for up to 16 UEs to be paged during 1 subframe. The performance of the proposed methodology will not be analyzed with respect to the number of simultaneous tags, $N_t$.

Detailed eNodeB Operations

Let $b$ be the paging DCI. The PDCCH symbols that encapsulate this DCI are $s=f_e(b)$. Here $f_e(\cdot)$ is the encoding function, which includes CRC, convolutional encoding, rate matching, and QPSK modulation. Let $k_i$, $i=1,\ldots,N_t$, be the $i$-th paged UE's ID. Generate the tag $t_i=g(k_i)$. As mentioned above, the functionality of the generator function $g(\cdot)$ is to create uncorrelated tags. The elements of $b$ and $k_i$ are in bits, while the elements of $s$ and $t_i$ are in QPSK symbols $\{\pm 1, \pm i\}$. The tags are superimposed onto the PDCCH to create the transmitted message

$\begin{matrix} {x = {{\rho_{s}s} + {\frac{\rho_{t}}{\sqrt{N_{t}}}{\sum\limits_{i = 1}^{N_{t}}\; t_{i}}}}} & (1) \end{matrix}$

Let $s=(s^{(1)},\ldots,s^{(L)})$, i.e., there are $L$ QPSK symbols in the PDCCH signal. For paging indicators, $L=72$ or $144$. Assuming that each symbol of the PDCCH signal and of the tag has zero mean and unit variance, we have

$\begin{matrix} \begin{matrix} {E[s^{(k)}] = 0,\; E[|s^{(k)}|^{2}] = 1 \text{ for } k = 1,\ldots,L} \\ {E[t_{i}^{(k)}] = 0,\; E[|t_{i}^{(k)}|^{2}] = 1,\; i = 1,\ldots,N_{t}} \end{matrix} & (2) \end{matrix}$

Since the tags are uncorrelated among themselves and independent of the PDCCH symbols,

$\begin{matrix} {E[s^{H}t_{i}] = 0,\; i = 1,\ldots,N_{t}} & (3) \end{matrix}$

$\begin{matrix} {E[t_{i}^{H}t_{j}] = 0,\; i,j = 1,\ldots,N_{t},\; i \neq j} & (4) \end{matrix}$

In (1), $\rho_s$ and $\rho_t$ are system parameters controlling the amount of power allocated to the signal and the tags, respectively. The power constraint is

$\begin{matrix} {\rho_{s}^{2} + \rho_{t}^{2} = 1} & (5) \end{matrix}$

From (1)-(5), we have

$\begin{matrix} \begin{matrix} {E[s] = E[t_{i}] = E[x] = 0} \\ {E[|s|^{2}] = E[|t_{i}|^{2}] = E[|x|^{2}] = L,\; i = 1,\ldots,N_{t}} \end{matrix} & (6) \end{matrix}$

Detailed User Equipment Operations

Decode DCI:

Assuming a frequency selective fading channel, the received signal at the UEs is

$\begin{matrix} {y = Hx + w} & (7) \end{matrix}$

where $H$ is a diagonal matrix, with the elements being the attenuations at each subcarrier frequency, and $w$ is thermal noise at the transmitter and receiver circuitry. In LTE, pilot symbols are transmitted on fixed resource elements to help in channel estimation at the receivers. There are many techniques that the receiver can use to perform channel estimation, e.g. LMMSE. In general, the channel estimate can be written as

$\begin{matrix} {\hat{H} = H + \nu} & (8) \end{matrix}$

where $\nu$ is the estimation error. Let $\hat{H}^{(k)}$, $k=1,\ldots,L$, be the diagonal elements of $\hat{H}$; the receiver estimates the message symbols as

$\begin{matrix} \begin{matrix} {{\hat{x}}^{(k)} = {\frac{{\hat{H}}^{{(k)}*}}{\left| {\hat{H}}^{(k)} \right|^{2}}y^{(k)}}} \\ {= {x^{(k)} - \frac{\nu^{(k)}x^{(k)}}{{\hat{H}}^{(k)}} + \frac{w^{(k)}}{{\hat{H}}^{(k)}}}} \end{matrix} & (9) \end{matrix}$

It then decodes the DCI

$\begin{matrix} {\hat{b} = f_{d}(\hat{x})} & (10) \end{matrix}$

Here $f_d(\cdot)$ is the decoding function, which maps QPSK symbols to bits, undoes rate matching, performs Viterbi decoding, and removes CRC. After unmasking with the paging ID (FFFE), the CRC check returns true if the DCI is successfully decoded.

Tag Detection:

The UE regenerates the message symbols from the decoded DCI, $\hat{s}=f_e(\hat{b})$, and subtracts it from the received signal to get the residue

$\begin{matrix} {r = {\frac{1}{\rho_{t}}\left( {\hat{x} - {\rho_{s}\hat{s}}} \right)}} & (11) \end{matrix}$

Assuming that the UE performs perfect channel estimation, Applicants had

$\begin{matrix} {r = {{\frac{1}{\sqrt{N_{t}}}{\sum\limits_{i = 1}^{N_{t}}\; t_{i}}} + {\frac{1}{\rho_{t}}{\hat{H}}^{- 1}w}}} & (12) \end{matrix}$

It then checks for the presence of its tag, $t$, by performing hypothesis testing on the statistic

$\begin{matrix} {\tau = t^{H}r} & (13) \end{matrix}$

The hypotheses are

- $H_0$: $t$ is not present in $r$ (null hypothesis)
- $H_1$: $t$ is present in $r$ (alternative hypothesis)

The statistic under null hypothesis:

$\begin{matrix} {{\tau \mid H_{0}} = {{\frac{1}{\sqrt{N_{t}}}{\sum\limits_{i = 1}^{N_{t}}\;{t^{H}t_{i}}}} + {\frac{1}{\rho_{t}}t^{H}{\hat{H}}^{- 1}w}}} & (14) \end{matrix}$

Conditioned on $t$, the second term in (14) is the sum of $L$ Gaussian random variables

$\begin{matrix} {\eta_{2} = {{\frac{1}{\rho_{t}}t^{H}{\hat{H}}^{- 1}w} = {\frac{1}{\rho_{t}}{\sum\limits_{k = 1}^{L}\;\frac{t^{{(k)}*}w^{(k)}}{{\hat{H}}^{(k)}}}}}} & (15) \end{matrix}$

The resulting Gaussian random variable has mean zero and variance

$\begin{matrix} {\sigma_{\eta_{2}}^{2} = {{\frac{1}{\rho_{t}^{2}}{\sum\limits_{k = 1}^{L}\;\frac{\sigma_{w}^{2}}{\left| H^{(k)} \right|^{2}}}} = {\frac{1}{\rho_{t}^{2}}{\sum\limits_{k = 1}^{L}\;\frac{1}{\gamma^{(k)}}}}}} & (16) \end{matrix}$

where $\gamma^{(k)}$ is the SNR of the $k$-th subcarrier.

The first term in (14) can be written as:

$\begin{matrix} {\eta_{1} = {{\frac{1}{\sqrt{N_{t}}}{\sum\limits_{i = 1}^{N_{t}}\;{t^{H}t_{i}}}} = {\frac{1}{\sqrt{N_{t}}}{\sum\limits_{i = 1}^{N_{t}}\;{\sum\limits_{k = 1}^{L}\;{t^{{(k)}*}t_{i}^{(k)}}}}}}} & (17) \end{matrix}$

$\eta_1$ is the sum of $N_t L$ i.i.d. symbols from the set $\{\pm 1, \pm i\}$. According to the Central Limit Theorem, it can be approximated by a Gaussian random variable with zero mean and variance $\sigma_{\eta_1}^{2}=L$.

From (14)-(17), we have

$\begin{matrix} {\tau \mid H_{0} \sim {N\left( {0,{L + {\frac{1}{\rho_{t}^{2}}{\sum\limits_{k = 1}^{L}\;\frac{1}{\gamma^{(k)}}}}}} \right)}} & (18) \end{matrix}$

The statistic under alternative hypothesis: Without loss of generality, let $t=t_1$. The statistic is

$\begin{matrix} {{\tau \mid H_{1}} = {{\frac{1}{\sqrt{N_{t}}}\left( {\left| t_{1} \right|^{2} + {\sum\limits_{i = 2}^{N_{t}}\;{t_{1}^{H}t_{i}}}} \right)} + {\frac{1}{\rho_{t}}t_{1}^{H}{\hat{H}}^{- 1}w}}} & (19) \end{matrix}$

Conditioned on $t_1$, the term inside the parentheses in (19) can be approximated as a Gaussian random variable with mean $|t_1|^{2}=L$ and variance $(N_t-1)L$. Therefore

$\begin{matrix} {\tau \mid H_{1} \sim {N\left( {\frac{L}{\sqrt{N_{t}}},{{\frac{N_{t} - 1}{N_{t}}L} + {\frac{1}{\rho_{t}^{2}}{\sum\limits_{k = 1}^{L}\;\frac{1}{\gamma^{(k)}}}}}} \right)}} & (20) \end{matrix}$

The UE performs a threshold test on $\tau$ to determine the presence of its tag in the residue.

$\begin{matrix} {H = \left\{ \begin{matrix} H_{0} & {{{if}\mspace{14mu}\tau} \leq \tau^{0}} \\ H_{1} & {{{if}\mspace{14mu}\tau} > \tau^{0}} \end{matrix} \right.} & (21) \end{matrix}$

In making the comparison in (21), we used only the real part of $\tau$. The imaginary parts of $\tau \mid H_0$ and $\tau \mid H_1$ have very similar statistics, and therefore do not provide much information. By abuse of notation, we still called the real part $\tau$. The threshold $\tau^{0}$ is a value between $[0, L/\sqrt{N_t}]$. The greater $\tau^{0}$ is, the higher the probability of missed detection; whereas the smaller $\tau^{0}$ is, the higher the probability of false alarm. We chose $\tau^{0}=L/(2\sqrt{N_t})$ for good performance in both criteria. With this choice of the threshold, the probability of missing a tag is

$\begin{matrix} {P_{m} = {\Phi\left( \frac{- \frac{L}{2\sqrt{N_{t}}}}{\left( {{\frac{N_{t} - 1}{N_{t}}L} + {\frac{1}{\rho_{t}^{2}}{\sum\limits_{k = 1}^{L}\;\frac{1}{\gamma^{(k)}}}}} \right)^{1\text{/}2}} \right)}} & (22) \end{matrix}$

where $\Phi(\cdot)$ is the standard Gaussian cumulative distribution function. To get an idea of the theoretical performance of the scheme, let us look at a special case where the channel is flat fading with SNR=10 dB. Assume 10% of the transmitted power is allocated to tags, i.e. $\rho_t^{2}=0.1$; and 288 bits are used for the PDCCH message, i.e. $L=144$. When 4 users are paged simultaneously, i.e. $N_t=4$, we have $P_m=0.01$. So one can see that under that condition, the tags are detected 99% of the time.

Simulations

As mentioned above, the PDCCH messages are designed to be very robust. In particular, a low rate (1/3) convolutional code is used. In addition, the paging DCI message can have 24-44 bits. Together with a 16-bit CRC, the size of the message before convolutionally encoded ranges from 40 to 60 bits. Thus the size of the message after convolutionally encoded ranges from 120 to 180 bits. When the PDCCH size is 144 bits, puncture may occur during rate matching. When the PDCCH size is 288 bits, redundant encoded bits are transmitted which effectively increases the SNR at the receiving UEs.

In order to evaluate the effect of the embedded tags on the probability of successfully decoding the DCI, we first simulated the DCI decoding performance with respect to different SNR levels. The results are shown in FIGS. 4A and 4B for, respectively, 144 bits and 288 bits. Here we used the energy per bit to noise power spectral density (EbNo) as the metric for SNR. Also shown is BER of the PDCCH message at the same EbNo levels. FIGS. 4A and 4B give a clear intuition of the PDCCH BER requirements for various DCI decoding performances. For instance, with PDCCH size of 288 bits, one can see that the probability of unsuccessfully decoding a paging DCI decreases rapidly from 0.4 at EbNo=−1 to 10⁻⁵ at EbNo=5. Thanks to the convolutional encoder, the BER required for PDCCH to achieve 10⁻⁵ DCI error rate is only 0.03. When the size of PDCCH is 144 bits, the UEs need an additional 1 dB in SNR to get equivalent performance.

Next we wanted to see the effect of allocating part of the transmission power to the tags on the PDCCH BER. As long as the resulting BER conforms to the requirement obtained above, the scheme will not have a negative effect on the DCI decoding performance. FIG. 5 shows the BER of PDCCH message for various tag powers. We can see that the effect of tag embedment was minimal for $\rho_t^{2} \le 0.02$.

When the channel condition is good, e.g. EbNo=10 dB, 20% of the power can be allocated to tags, which results in BER of 0.04. Referring back to FIG. 4B, this BER corresponds to a DCI decoding error rate of 10⁻⁴. After confirming that we can indeed allocate part of the transmission power to the identification tags, we evaluated the tag detection performance under various system settings. In particular, we altered 3 parameters: tag length, tag power and number of simultaneous tags. We expected the detection performance to increase with tag length and decrease with number of simultaneous tags. Referring back to (18) and (20), we saw that the variance of the test statistic decreases monotonically with increased tag power, and therefore the detection performance will increase monotonically with increased tag power. However, we also knew that increasing tag power degrades DCI decoding performance. If that degradation causes the UEs to fail to decode the paging PDCCH then the tags will be useless. Referring to FIG. 5, we chose tag power allocation $\rho_t^{2}=0.05$ to be conservative.

FIG. 6A (PDCCH size 144 bits) and 6B (PDCCH size 288 bits) show the probabilities of detecting that the unique tag for a UE is present in two cases: the UE is being paged, and the UE is not being paged (misdetection). We saw a clear superior performance when 288-bit PDCCH is used (shown in FIG. 6B). Applicants considered a rather bad channel condition, EbNo=2 dB, 4 UEs are paged simultaneously. FIG. 6B shows that the scheme still provides tag detection rate of 90% and false alarm rate of 2% if we used 288-bit PDCCH and allocate 5% of the transmission power for the tags. A natural question would be how this performance compares to the current paging system. Both schemes rely on the successful decoding of the paging PDCCH. After this stage, the scheme's performance ties directly to the detection probability of the tags; whereas the current scheme's performance depends on the success of decoding the paging PDSCH. Since these are apples and oranges, a meaningful comparison can only be done through experiments. We noticed that the constellation size and code rate used for data channels are a lot more aggressive than those used for control channels. Therefore it is expected that decoding performance of data channels are worse than that of control channels in the same SNR condition.
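The embedding in (1), the detector in (11), (13) and (21), and the miss probability in (22), as an added Python example that is not part of the original text. Assumptions: `gen_tag` is a hypothetical generator $g(\cdot)$ built on SHA-256 (the text only requires uncorrelated tags), the channel is flat with perfect estimation, the UE has decoded the DCI correctly so that $\hat{s}=s$, the UE is given $N_t$ for the threshold, and random QPSK symbols and random 32-bit IDs stand in for the encoded paging DCI and the temporary IDs.

```python
import hashlib
import math
import random

QPSK = (1 + 0j, 1j, -1 + 0j, -1j)  # the alphabet {+-1, +-i} used in the text


def gen_tag(temp_id, length):
    """Hypothetical g(.): expand a temporary ID into `length` QPSK symbols.

    SHA-256 in counter mode is an assumption made for this example.
    """
    symbols = []
    counter = 0
    while len(symbols) < length:
        seed = temp_id.to_bytes(8, "big") + counter.to_bytes(4, "big")
        for byte in hashlib.sha256(seed).digest():
            for shift in (0, 2, 4, 6):           # 2 bits -> 1 QPSK symbol
                symbols.append(QPSK[(byte >> shift) & 3])
        counter += 1
    return symbols[:length]


def embed(s, tags, rho_t2):
    """Equation (1): x = rho_s*s + rho_t/sqrt(N_t) * sum_i t_i."""
    rho_s = math.sqrt(1.0 - rho_t2)              # power constraint (5)
    scale = math.sqrt(rho_t2 / len(tags))
    return [rho_s * s[k] + scale * sum(t[k] for t in tags)
            for k in range(len(s))]


def awgn(x, snr_db, rng):
    """Flat channel (H = I) plus complex Gaussian noise of power 1/SNR."""
    sigma = math.sqrt(10 ** (-snr_db / 10) / 2)  # per real dimension
    return [xk + complex(rng.gauss(0, sigma), rng.gauss(0, sigma)) for xk in x]


def detect(x_hat, s_hat, tag, rho_t2, n_tags):
    """Equations (11), (13), (21): residue, statistic, threshold test."""
    rho_s, rho_t = math.sqrt(1.0 - rho_t2), math.sqrt(rho_t2)
    residue = [(xk - rho_s * sk) / rho_t for xk, sk in zip(x_hat, s_hat)]
    tau = sum(tk.conjugate() * rk for tk, rk in zip(tag, residue)).real
    threshold = len(tag) / (2 * math.sqrt(n_tags))  # tau^0 = L / (2 sqrt(N_t))
    return tau > threshold


def p_miss(length, n_tags, rho_t2, snr_db):
    """Equation (22) on a flat channel, where every gamma^(k) equals the SNR."""
    gamma = 10 ** (snr_db / 10)
    variance = (n_tags - 1) / n_tags * length + length / (rho_t2 * gamma)
    z = -(length / (2 * math.sqrt(n_tags))) / math.sqrt(variance)
    return 0.5 * (1 + math.erf(z / math.sqrt(2)))   # standard normal CDF


def simulate(trials=200, length=144, n_tags=4, rho_t2=0.1, snr_db=10, seed=1):
    """Return (detection rate when paged, false-alarm rate when not paged)."""
    rng = random.Random(seed)
    hits = false_alarms = 0
    for _ in range(trials):
        # Constructed inputs: see the assumptions in the lead-in.
        s = [rng.choice(QPSK) for _ in range(length)]
        ids = rng.sample(range(2 ** 32), n_tags + 1)
        tags = [gen_tag(i, length) for i in ids]
        paged, bystander = tags[:n_tags], tags[n_tags]
        x_hat = awgn(embed(s, paged, rho_t2), snr_db, rng)
        hits += detect(x_hat, s, paged[0], rho_t2, n_tags)
        false_alarms += detect(x_hat, s, bystander, rho_t2, n_tags)
    return hits / trials, false_alarms / trials


if __name__ == "__main__":
    print("P_m from (22):", round(p_miss(144, 4, 0.1, 10), 4))
    print("simulated (detection, false alarm):", simulate())
```
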

The idea behind the physical layer identification technique is to make use of channel noise to obfuscate the tags at the eavesdropper. Assuming that the eavesdropper, “Eve” in FIG. 2A, successfully decodes the paging PDCCH, regenerates the signal s in (1), and subtracts it from her received waveform. What she has left is the sum of the superimposed tags and the channel noise. Since the individual tags are modulated as QPSK symbols (±1, ±i), the normalized sum of multiple tags will have the constellation as shown in FIG. 7. The identity of a UE's tag, say “Bob's,” is hidden under two layers. First, the channel noise limits “Eve” to only partial information about the normalized sum of the tags. Second, since the tags are uncorrelated, the sum of them does not reveal any information about “Bob's” tag to “Eve.” As a result, “Eve” has no reliable way of obtaining “Bob's” tag, and thus she cannot perform a location attack.

In the illustrative exemplary embodiments described herein, a method for paging user equipment in LTE networks while protecting their privacy has been set forth. The method makes use of physical layer identification tags, which are designed to be robust and stealthy. The proposed methodology protects the privacy of paged users by hiding their ID in the transmitted waveforms. Using channel noise as an advantage, the proposed methodology prevents an attacker from decoding the paged user's tag. As a result, attacks on the open nature of the paging channel are no longer a privacy threat. The methodology also provides bandwidth saving by not requiring the actual user IDs to be transmitted.

Although the illustrative exemplary embodiments have been described with respect to LTE networks, those skilled in the art will readily recognize that they are also applicable to other cellular networks including, but not limited to, GSM, WCDMA, and WiMAX.

What is claimed:
 1. A computer implemented method for a wireless communication system including a base station paging system for locating a mobile station within the base station dedicated broadcast region while preserving the location privacy of the located mobile station, the method comprising: at least one processor with accessible input/output and at least one data store to perform the following: generating a paging message; performing channel coding on the paging message; modulating the coded paging message; generating a unique tag for each one of a plurality of mobile stations; embedding at least one of said generated unique tags with the modulated coded paging message; and transmitting the modulated coded paging message with the at least one embedded unique tag, wherein the total transmitting power of the at least one embedded unique tag ranges from 0.01 to 0.2 of the modulated coded paging message transmitting power.
 2. The method claimed in claim 1, each one of said unique tags being generated based on the corresponding mobile device's temporary ID.
 3. The method claimed in claim 1, wherein the wireless communication system is LTE and the paging message comprises downlink control information (DCI), and the method further comprises: generating a cyclic redundancy check (CRC) for the paging DCI; masking the CRC with a Paging-Radio Network Temporary Identifier (PRNTI); concatenating the masking result to the paging DCI; performing convolutional coding and rate matching to create coded DCI bits; and modulating the coded DCI bits.
 4. The method claimed in claim 1, wherein the modulation is QPSK.
 5. The method claimed in claim 1, wherein the generated unique tags are uncorrelated.
 6. The method claimed in claim 1, wherein the wireless communication system is GSM.
 7. The method claimed in claim 1, wherein the wireless communication system is WCDMA.
 8. The method claimed in claim 1, wherein the wireless communication system is WIMAX.
 9. A computer implemented method for a wireless mobile device used in a wireless communication system which responds to a base station paging signal while preserving the location privacy of the mobile device, the method comprising: at least one processor with accessible input/output and at least one data store to perform the following: receiving a paging signal from a base station; demodulating the paging signal; demodulating and decoding the paging signal into bits; detecting whether a unique tag assigned to the wireless mobile device has been received in the paging signal; and responding to the base station paging signal if the unique tag has been detected, wherein the power level of the unique tag ranges from 0.01 to 0.2 of the received paging signal power.
 10. The method claimed in claim 9, said unique tag being generated based on the mobile device's temporary ID.
 11. The method claimed in claim 9, wherein the wireless communication system is LTE.
 12. The method claimed in claim 9, wherein the wireless communication system is GSM.
 13. The method claimed in claim 9, wherein the wireless communication system is WCDMA.
 14. The method claimed in claim 9, wherein the wireless communication system is WIMAX.
 15. A computer implemented method for a wireless communication system, having at least one base station and at least one mobile device, for locating the mobile device within the base station dedicated broadcast region while preserving the location privacy of the located mobile device, the method comprising: the at least one base station having at least one processor with accessible input/output and at least one data store to perform the following: generating a paging message; performing channel coding on the paging message; modulating the coded paging message; generating a unique tag for each one of a plurality of mobile stations; embedding at least one of said generated unique tags with the modulated coded paging message; transmitting the modulated coded paging message with the at least one embedded unique tag; and each one of said plurality of mobile stations having at least one processor with accessible input/output and at least one data store to perform the following: receiving a paging signal from the at least one base station; demodulating the paging signal; demodulating and decoding the paging signal into bits; detecting whether the unique tag for the corresponding one of a plurality of mobile stations has been received in the paging signal; and responding to the base station paging signal if the unique tag has been detected, wherein the total transmitting power of the at least one embedded unique tag ranges from 0.01 to 0.2 of the modulated coded paging message transmitting power.
 16. The method claimed in claim 15, each one of said unique tags being generated based on the corresponding mobile device's temporary ID.
 17. The method claimed in claim 15, wherein the wireless communication system is LTE.
 18. The method claimed in claim 15, wherein the wireless communication system is GSM.
 19. The method claimed in claim 15, wherein the wireless communication system is WCDMA.
 20. The method claimed in claim 15, wherein the wireless communication system is WIMAX.
 21. The method claimed in claim 15, wherein the generated unique tags are uncorrelated. 